This commit is contained in:
Sam Rose 2023-11-08 10:03:22 +00:00
parent 6250609a30
commit 0633a3de65
No known key found for this signature in database
8 changed files with 81 additions and 21 deletions

View File

@ -26,7 +26,7 @@ export async function fetchSelf(ctx: UserCtx) {
} }
const appId = context.getAppId() const appId = context.getAppId()
let user: ContextUser = await getFullUser(ctx, userId) let user: ContextUser = await getFullUser(userId)
// this shouldn't be returned by the app self // this shouldn't be returned by the app self
delete user.roles delete user.roles
// forward the csrf token from the session // forward the csrf token from the session

View File

@ -1,10 +1,10 @@
import { generateUserFlagID, InternalTables } from "../../db/utils" import { generateUserFlagID, InternalTables } from "../../db/utils"
import { getFullUser } from "../../utilities/users" import { getFullUser } from "../../utilities/users"
import { context } from "@budibase/backend-core" import { context } from "@budibase/backend-core"
import { Ctx, UserCtx } from "@budibase/types" import { Ctx, FetchUserMetadataResponse, UserCtx } from "@budibase/types"
import sdk from "../../sdk" import sdk from "../../sdk"
export async function fetchMetadata(ctx: Ctx) { export async function fetchMetadata(ctx: Ctx<null, FetchUserMetadataResponse>) {
ctx.body = await sdk.users.fetchMetadata() ctx.body = await sdk.users.fetchMetadata()
} }
@ -44,7 +44,7 @@ export async function destroyMetadata(ctx: UserCtx) {
} }
export async function findMetadata(ctx: UserCtx) { export async function findMetadata(ctx: UserCtx) {
ctx.body = await getFullUser(ctx, ctx.params.id) ctx.body = await getFullUser(ctx.params.id)
} }
export async function setFlag(ctx: UserCtx) { export async function setFlag(ctx: UserCtx) {

View File

@ -1,7 +1,6 @@
const { roles, utils } = require("@budibase/backend-core") import { roles, utils } from "@budibase/backend-core"
const { checkPermissionsEndpoint } = require("./utilities/TestFunctions") import { checkPermissionsEndpoint } from "./utilities/TestFunctions"
const setup = require("./utilities") import * as setup from "./utilities"
const { BUILTIN_ROLE_IDS } = roles
jest.setTimeout(30000) jest.setTimeout(30000)
@ -47,8 +46,8 @@ describe("/users", () => {
request, request,
method: "GET", method: "GET",
url: `/api/users/metadata`, url: `/api/users/metadata`,
passRole: BUILTIN_ROLE_IDS.ADMIN, passRole: roles.BUILTIN_ROLE_IDS.ADMIN,
failRole: BUILTIN_ROLE_IDS.PUBLIC, failRole: roles.BUILTIN_ROLE_IDS.PUBLIC,
}) })
}) })
}) })
@ -56,7 +55,7 @@ describe("/users", () => {
describe("update", () => { describe("update", () => {
it("should be able to update the user", async () => { it("should be able to update the user", async () => {
const user = await config.createUser({ id: `us_update${utils.newid()}` }) const user = await config.createUser({ id: `us_update${utils.newid()}` })
user.roleId = BUILTIN_ROLE_IDS.BASIC user.roleId = roles.BUILTIN_ROLE_IDS.BASIC
delete user._rev delete user._rev
const res = await request const res = await request
.put(`/api/users/metadata`) .put(`/api/users/metadata`)
@ -74,14 +73,18 @@ describe("/users", () => {
const res1 = await request const res1 = await request
.put(`/api/users/metadata`) .put(`/api/users/metadata`)
.set(config.defaultHeaders()) .set(config.defaultHeaders())
.send({ ...user, roleId: BUILTIN_ROLE_IDS.BASIC }) .send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.BASIC })
.expect(200) .expect(200)
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
const res = await request const res = await request
.put(`/api/users/metadata`) .put(`/api/users/metadata`)
.set(config.defaultHeaders()) .set(config.defaultHeaders())
.send({ ...user, _rev: res1.body.rev, roleId: BUILTIN_ROLE_IDS.POWER }) .send({
...user,
_rev: res1.body.rev,
roleId: roles.BUILTIN_ROLE_IDS.POWER,
})
.expect(200) .expect(200)
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
@ -95,14 +98,14 @@ describe("/users", () => {
await request await request
.put(`/api/users/metadata`) .put(`/api/users/metadata`)
.set(config.defaultHeaders()) .set(config.defaultHeaders())
.send({ ...user, roleId: BUILTIN_ROLE_IDS.BASIC }) .send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.BASIC })
.expect(200) .expect(200)
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
await request await request
.put(`/api/users/metadata`) .put(`/api/users/metadata`)
.set(config.defaultHeaders()) .set(config.defaultHeaders())
.send({ ...user, roleId: BUILTIN_ROLE_IDS.POWER }) .send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.POWER })
.expect(409) .expect(409)
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
}) })
@ -129,7 +132,7 @@ describe("/users", () => {
.expect(200) .expect(200)
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
expect(res.body._id).toEqual(user._id) expect(res.body._id).toEqual(user._id)
expect(res.body.roleId).toEqual(BUILTIN_ROLE_IDS.ADMIN) expect(res.body.roleId).toEqual(roles.BUILTIN_ROLE_IDS.ADMIN)
expect(res.body.tableId).toBeDefined() expect(res.body.tableId).toBeDefined()
}) })
}) })

View File

@ -9,6 +9,7 @@ import { ScreenAPI } from "./screen"
import { ApplicationAPI } from "./application" import { ApplicationAPI } from "./application"
import { BackupAPI } from "./backup" import { BackupAPI } from "./backup"
import { AttachmentAPI } from "./attachment" import { AttachmentAPI } from "./attachment"
import { UserAPI } from "./user"
export default class API { export default class API {
table: TableAPI table: TableAPI
@ -21,6 +22,7 @@ export default class API {
application: ApplicationAPI application: ApplicationAPI
backup: BackupAPI backup: BackupAPI
attachment: AttachmentAPI attachment: AttachmentAPI
user: UserAPI
constructor(config: TestConfiguration) { constructor(config: TestConfiguration) {
this.table = new TableAPI(config) this.table = new TableAPI(config)
@ -33,5 +35,6 @@ export default class API {
this.application = new ApplicationAPI(config) this.application = new ApplicationAPI(config)
this.backup = new BackupAPI(config) this.backup = new BackupAPI(config)
this.attachment = new AttachmentAPI(config) this.attachment = new AttachmentAPI(config)
this.user = new UserAPI(config)
} }
} }

View File

@ -0,0 +1,48 @@
import { FetchUserMetadataResponse } from "@budibase/types"
import TestConfiguration from "../TestConfiguration"
import { TestAPI } from "./base"
export class UserAPI extends TestAPI {
constructor(config: TestConfiguration) {
super(config)
}
fetch = async (
{ expectStatus } = { expectStatus: 200 }
): Promise<FetchUserMetadataResponse> => {
const res = await this.request
.get(`/api/users/metadata`)
.set(this.config.defaultHeaders())
.expect("Content-Type", /json/)
if (res.status !== expectStatus) {
throw new Error(
`Expected status ${expectStatus} but got ${
res.status
} with body ${JSON.stringify(res.body)}`
)
}
return res.body
}
get = async (
id: string,
{ expectStatus } = { expectStatus: 200 }
): Promise<GetUserMetadataResponse> => {
const res = await this.request
.get(`/api/users/metadata/${id}`)
.set(this.config.defaultHeaders())
.expect("Content-Type", /json/)
if (res.status !== expectStatus) {
throw new Error(
`Expected status ${expectStatus} but got ${
res.status
} with body ${JSON.stringify(res.body)}`
)
}
return res.body
}
}

View File

@ -1,11 +1,13 @@
import { InternalTables } from "../db/utils" import { InternalTables } from "../db/utils"
import { getGlobalUser } from "./global" import { getGlobalUser } from "./global"
import { context, roles } from "@budibase/backend-core" import { context, roles } from "@budibase/backend-core"
import { UserCtx } from "@budibase/types" import { ContextUserMetadata, UserCtx, UserMetadata } from "@budibase/types"
export async function getFullUser(ctx: UserCtx, userId: string) { export async function getFullUser(
userId: string
): Promise<ContextUserMetadata> {
const global = await getGlobalUser(userId) const global = await getGlobalUser(userId)
let metadata: any = {} let metadata: UserMetadata | undefined = undefined
// always prefer the user metadata _id and _rev // always prefer the user metadata _id and _rev
delete global._id delete global._id
@ -14,11 +16,11 @@ export async function getFullUser(ctx: UserCtx, userId: string) {
try { try {
// this will throw an error if the db doesn't exist, or there is no appId // this will throw an error if the db doesn't exist, or there is no appId
const db = context.getAppDB() const db = context.getAppDB()
metadata = await db.get(userId) metadata = await db.get<UserMetadata>(userId)
delete metadata.csrfToken
} catch (err) { } catch (err) {
// it is fine if there is no user metadata yet // it is fine if there is no user metadata yet
} }
delete metadata.csrfToken
return { return {
...metadata, ...metadata,
...global, ...global,

View File

@ -6,3 +6,4 @@ export * from "./rows"
export * from "./table" export * from "./table"
export * from "./permission" export * from "./permission"
export * from "./attachment" export * from "./attachment"
export * from "./user"

View File

@ -0,0 +1,3 @@
import { ContextUserMetadata } from "src/documents"
export type FetchUserMetadataResponse = ContextUserMetadata[]